There is a springboot plugin for api development that integrates security.
Its called spring-boot-beapi-starter
I have run it on a Raspberry pi with 1gb of memory.
On a 3.2GHZ machine with 4 cores, it can get 7000/rps with full security
(cors, jwt, oauth, etc)... and this is not headless and with running the DB
on the same host.
You just need to add
maven{ url 'https://s01.oss.sonatype.org/content/repositories/snapshots/'}
to your repositories and then add to your dependencies:
implementation 'io.beapi:spring-boot-starter-beapi:0.9.0-SNAPSHOT'
https://beapi-io.github.io/beapi-docs/0.9/index.html
Owen Rubel
oru...@gmail.com
On Tue, Dec 17, 2024 at 4:43 AM Arjan van IJzendoorn
<arjan.van.ijzendo...@blockbax.com.invalid> wrote:
> Hello Tomcat friends,
>
> Our Spring Boot 3.4.0 application uses Tomcat 10.1.33. Recently we started
> seeing the memory usage of our app grow and after three days it would reach
> its memory limit and crash.
>
> We investigated heap dumps and found that a single data structure inside
> Tomcat grew by 240MB in a single day. It is the
> 'recycledRequestsAndResponses' stack inside Http2Protocol.java. This data
> structure was introduced in the 3 latest commits on Http2Protocol.java:
>
>
> https://github.com/apache/tomcat/commits/9669f73517971e2b45280979a63b8153585cddc8/java/org/apache/coyote/http2/Http2Protocol.java
>
> It was introduced in Tomcat 10.1.27 (not released) and released as part of
> Tomcat 10.1.28:
>
> > Align HTTP/2 with HTTP/1.1 and recycle the container internal request
> and response processing objects by default. This behavior can be controlled
> via the new discardRequestsAndResponses attribute on the HTTP/2 upgrade
> protocol. (markt)
>
> It only applies to HTTP/2 requests, and we get a steady stream of those
> from other internal services. Requests from the outside world are always
> HTTP 1.1. As you can see in the Memory Analyzer screenshot, each request in
> the stack is rather large (360KB). There are byte arrays of 65535 bytes
> that are only filled with 200 characters.
>
> There is a limit to the stack which is set in this line:
>
> > recycledRequestsAndResponses.setLimit(http11Protocol.getMaxConnections());
>
> In our case the maximum number of connections is 8192. So. the stack could
> theoretically become as large as 8192 x 360KB (almost 3 Gigabyte).
>
> I do see code to "recyle" (i.e. clear) the request before putting it onto
> the stack:
>
> > requestAndResponse.recycle();
> This clears a lot of fields but (probably intentionally) not some of the
> larger fields.
>
> Fortunately, we can disable this mechanism, and we have just deployed a
> version of our app with 'discardRequestsAndResponses' set to true by
> customizing the 'TomcatServletWebServerFactory'. After running for two and
> a half hours, we can already see that our app now consumes memory at a
> slower rate.
>
> Are we doing something wrong? Is the maximum number of connections
> unreasonably high? Is there some reason why our Request objects become so
> large?
>
> Kind regards, Arjan van IJzendoorn
>
>
>
>
>
